From e2582664b32a70b7e36dbcf415f15810c3b187f5 Mon Sep 17 00:00:00 2001 From: fmoor Date: Wed, 26 Nov 2025 13:36:38 -0700 Subject: [PATCH 1/4] AWS & DigitalOcean deployment guide updates --- .../running/deployment/aws_aurora_ecs.rst | 9 + .../running/deployment/digitalocean.rst | 228 +----------------- 2 files changed, 11 insertions(+), 226 deletions(-) diff --git a/docs/reference/running/deployment/aws_aurora_ecs.rst b/docs/reference/running/deployment/aws_aurora_ecs.rst index 36130d6c88f..caff1e7935a 100644 --- a/docs/reference/running/deployment/aws_aurora_ecs.rst +++ b/docs/reference/running/deployment/aws_aurora_ecs.rst @@ -6,6 +6,15 @@ AWS :edb-alt-title: Deploying Gel to AWS +.. note:: + + We recomend using our `helm chart ` to deploy gel on AWS. The + CloudFormation guide below does not configure TLS certificates correctly. + +.. _helm-chart: + https://github.com/geldata/helm-charts/blob/main + /charts/gel-server/README.md + .. include:: ./note_cloud.rst In this guide we show how to deploy Gel on AWS using Amazon Aurora and diff --git a/docs/reference/running/deployment/digitalocean.rst b/docs/reference/running/deployment/digitalocean.rst index 6e043539168..5adeec07908 100644 --- a/docs/reference/running/deployment/digitalocean.rst +++ b/docs/reference/running/deployment/digitalocean.rst @@ -6,229 +6,5 @@ DigitalOcean :edb-alt-title: Deploying Gel to DigitalOcean -In this guide we show how to deploy Gel to DigitalOcean either with a -One-click Deploy option or a -:ref:`managed PostgreSQL ` -database as the backend. - -.. include:: ./note_cloud.rst - -.. include:: ./note_cloud_reset_password.rst - -One-click Deploy -++++++++++++++++ - -Prerequisites -============= - -* |gelcmd| CLI (`install `_) -* DigitalOcean account - -Click the button below and follow the droplet creation workflow on -DigitalOcean to deploy a Gel instance. - -.. image:: https://www.deploytodo.com/do-btn-blue.svg - :target: 1-click-button_ - :width: 225px - -.. _1-click-button: - https://marketplace.digitalocean.com/apps/edgedb?refcode=f0b0d77b5d49 - -By default, the admin password is ``gelpassword``; let's change that to -something more secure. First, find your droplet's IP address on the -`DigitalOcean dashboard `_ and assign -it to an environment variable ``IP``. - -.. _DigitalOcean: https://cloud.digitalocean.com/droplets? -.. _here: gel-install_ - -.. code-block:: bash - - $ IP= - -Then use the ``read`` command to securely assign a value to the ``PASSWORD`` -environment variable. - -.. code-block:: bash - - $ echo -n "> " && read -s PASSWORD - -Use these variables to change the password for the default role |admin|. - -.. code-block:: bash - - $ printf gelpassword | gel query \ - --host $IP \ - --password-from-stdin \ - --tls-security insecure \ - "alter role admin set password := '${PASSWORD}'" - OK: ALTER ROLE - -.. _ref_guide_deployment_digitalocean_link: - -Construct the DSN ------------------ - -Let's construct your instance's DSN (also known as a "connection string"). -We'll write the value to a file called ``dsn.txt`` so it doesn't get stored in -shell logs. - -.. code-block:: bash - - $ echo gel://admin:$PASSWORD@$IP > dsn.txt - -Copy the value from ``dsn.txt``. Run the following command to open a REPL -to the new instance. - -.. code-block:: bash - - $ gel --dsn --tls-security insecure - gel> - -Success! You're now connected to your remote instance. - -It's often useful to assign an alias to the remote instance using -:gelcmd:`instance link`. - -.. code-block:: bash - - $ gel instance link \ - --dsn \ - --trust-tls-cert \ - --non-interactive \ - my_instance - Authenticating to gel://admin@1.2.3.4:5656/main - Trusting unknown server certificate: - SHA1:1880da9527be464e2cad3bdb20dfc430a6af5727 - Successfully linked to remote instance. To connect run: - gel -I my_instance - -You can now use the ``-I`` CLI flag to execute commands against your remote -instance: - -.. code-block:: bash - - $ gel -I my_instance - gel> - - -.. _ref_guide_deployment_digitalocean_managed: - -Deploy with Managed PostgreSQL -++++++++++++++++++++++++++++++ - -Prerequisites -============= - -* |gelcmd| CLI (`install `_) -* DigitalOcean account -* ``doctl`` CLI (`install `_) -* ``jq`` (`install `_) - -.. _gel-install: https://www.edgedb.com/install -.. _doclt-install: https://docs.digitalocean.com/reference/doctl/how-to/install -.. _jq: https://stedolan.github.io/jq/ - - -Create a managed PostgreSQL instance -==================================== - -If you already have a PostgreSQL instance you can skip this step. - -.. code-block:: bash - - $ DSN="$( \ - doctl databases create gel-postgres \ - --engine pg \ - --version 14 \ - --size db-s-1vcpu-1gb \ - --num-nodes 1 \ - --region sfo3 \ - --output json \ - | jq -r '.[0].connection.uri' )" - - -Provision a droplet -=================== - -Replace ``$SSH_KEY_IDS`` with the ids for the ssh keys you want to ssh into the -new droplet with. Separate multiple values with a comma. You can list your -keys with ``doctl compute ssh-key list``. If you don't have any ssh keys in -your DigitalOcean account you can follow `this guide `_ to -add one now. - -.. _upload-ssh-keys: - https://docs.digitalocean.com/products/droplets - /how-to/add-ssh-keys/to-account/ - -.. code-block:: bash - - $ IP="$( \ - doctl compute droplet create gel \ - --image gel \ - --region sfo3 \ - --size s-2vcpu-4gb \ - --ssh-keys $SSH_KEY_IDS \ - --format PublicIPv4 \ - --no-header \ - --wait )" - -Configure the backend Postgres DSN. To simplify the initial deployment, let's -instruct Gel to run in insecure mode (with password authentication off and -an autogenerated TLS certificate). We will secure the instance once things are -up and running. - -.. code-block:: bash - - $ printf "GEL_SERVER_BACKEND_DSN=${DSN} \ - \nGEL_SERVER_SECURITY=insecure_dev_mode\n" \ - | ssh root@$IP -T "cat > /etc/gel/env" - - $ ssh root@$IP "systemctl restart gel.service" - -Set the superuser password. - -.. code-block:: bash - - $ echo -n "> " && read -s PASSWORD - - $ gel -H $IP --tls-security insecure query \ - "alter role admin set password := '$PASSWORD'" - OK: ALTER ROLE - -Set the security policy to strict. - -.. code-block:: bash - - $ printf "GEL_SERVER_BACKEND_DSN=${DSN} \ - \nGEL_SERVER_SECURITY=strict\n" \ - | ssh root@$IP -T "cat > /etc/gel/env" - - $ ssh root@$IP "systemctl restart gel.service" - - -.. note:: - - To upgrade an existing Gel droplet to the latest point release, ``ssh`` - into your droplet and run the following. - - .. code-block:: bash - - $ apt-get update && apt-get install --only-upgrade gel-server-6 - $ systemctl restart gel - -That's it! Refer to the :ref:`Construct the DSN -` section above to connect to your -instance. - -.. note:: - - The command groups :gelcmd:`instance` and :gelcmd:`project` are not - intended to manage production instances. - -Health Checks -============= - -Using an HTTP client, you can perform health checks to monitor the status of -your Gel instance. Learn how to use them with our :ref:`health checks guide -`. +Create a droplet and use the :ref:`_ref_guide_deployment_bare_metal` guide to +install gel server. From b8c7fb13320a7c905a0551d81c4643974af13458 Mon Sep 17 00:00:00 2001 From: fmoor Date: Wed, 26 Nov 2025 16:11:06 -0700 Subject: [PATCH 2/4] Fix link syntax --- docs/reference/running/deployment/aws_aurora_ecs.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/running/deployment/aws_aurora_ecs.rst b/docs/reference/running/deployment/aws_aurora_ecs.rst index caff1e7935a..8a14e01246c 100644 --- a/docs/reference/running/deployment/aws_aurora_ecs.rst +++ b/docs/reference/running/deployment/aws_aurora_ecs.rst @@ -8,7 +8,7 @@ AWS .. note:: - We recomend using our `helm chart ` to deploy gel on AWS. The + We recomend using our `helm chart `_ to deploy gel on AWS. The CloudFormation guide below does not configure TLS certificates correctly. .. _helm-chart: From 899e9f86b8a281bfce02805f641a1033fcc78d67 Mon Sep 17 00:00:00 2001 From: fmoor Date: Wed, 26 Nov 2025 16:17:31 -0700 Subject: [PATCH 3/4] fix ref syntax --- docs/reference/running/deployment/digitalocean.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/running/deployment/digitalocean.rst b/docs/reference/running/deployment/digitalocean.rst index 5adeec07908..6fd683f04f7 100644 --- a/docs/reference/running/deployment/digitalocean.rst +++ b/docs/reference/running/deployment/digitalocean.rst @@ -6,5 +6,5 @@ DigitalOcean :edb-alt-title: Deploying Gel to DigitalOcean -Create a droplet and use the :ref:`_ref_guide_deployment_bare_metal` guide to +Create a droplet and use the :ref:`ref_guide_deployment_bare_metal` guide to install gel server. From e679d4ca92f029655a08f3fce83f589265e8f284 Mon Sep 17 00:00:00 2001 From: Frederick Date: Fri, 28 Nov 2025 10:35:52 -0700 Subject: [PATCH 4/4] Update docs/reference/running/deployment/aws_aurora_ecs.rst Co-authored-by: Greg Schofield --- docs/reference/running/deployment/aws_aurora_ecs.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/running/deployment/aws_aurora_ecs.rst b/docs/reference/running/deployment/aws_aurora_ecs.rst index 8a14e01246c..5d6ce5bd692 100644 --- a/docs/reference/running/deployment/aws_aurora_ecs.rst +++ b/docs/reference/running/deployment/aws_aurora_ecs.rst @@ -8,7 +8,7 @@ AWS .. note:: - We recomend using our `helm chart `_ to deploy gel on AWS. The + We recomend using our `helm chart `_ to deploy gel on AWS EKS. The CloudFormation guide below does not configure TLS certificates correctly. .. _helm-chart: